We know from experience that healthcare organizations and their providers can benefit tremendously from a robust risk management program. Sound practices can help protect patients, avoid lawsuits and improve compliance. I asked our risk management partner, Michelle Foster Earle, President of OmniSure Consulting Group, what OmniSure recommends to its clients. “Managing risk in any organization is a multi-faceted, ever-changing challenge. It’s also somewhat of an art and there is no one-size-fits-all and certainly not a silver bullet approach that works in all professional settings,” she explained. “In healthcare, risk management has evolved through years of trial and error from being primarily reactive to more of a proactive, strategic function designed to prevent future errors, adverse events and subsequent lawsuits.”

As a result of this evolution, a number of best practices have been proven to garner more favorable outcomes when it comes to reducing risk and preventing insurance claims. OmniSure recommends developing a risk management plan that starts with five key components as the framework for a comprehensive approach that will help reduce risk and ultimately improve patient outcomes.

#1 Conduct a baseline assessment. Does the healthcare provider or facility have the basics in place for regulatory compliance and quality care? It’s a common scenario – well-meaning supervisors and employees go to work every day focused on providing care and solving the problems of the day – but they often overlook the not so urgent – but nonetheless important details that can get the organization into trouble. We often find holes but with education and recommendations, they can be assisted to meet the required standards and best practices. For example, maybe they are not doing OIG exclusion checks because they didn’t know to; maybe they are not tracking near misses to prevent errors in the future; or maybe they haven’t focused on measuring patient satisfaction. Once identified, all of these are issues that can be easily remedied.

#2 Assess the organization’s culture. Is patient safety a priority? Do they practice a fear-based blame and shame type of response to errors, or do they embrace what is known in patient safety circles as a Just Culture by rewarding transparency and actively pursuing information on how to avoid honest mistakes by changing systems with human error prone weaknesses? Open collaboration among the various levels of the organization is a key component to a patient safety culture. Staff must feel free to speak openly about potentially unsafe situations and initiate dialogue leading to improvements. A Just Culture strikes a balance between a no-blame culture that does not hold individuals accountable for their actions and the traditional, overly-punitive bad apple culture that seeks to ascribe blame for error to individual practitioners. What about the venue? Is the policyholder in a state with apology laws to protect compassionate disclosure?

#3 Focus on Communication. Communication is the number one predictor of claims. Author Malcolm Gladwell helps to explain the reasons in his book, Blink: “The overwhelming number of people who suffer an injury due to the negligence of a doctor never file a malpractice suit at all. Patients don’t file lawsuits because they’ve been harmed by shoddy medical care. Patients file lawsuits because they’ve been harmed by shoddy medical care – and something else happens to them.” Gladwell, in fact, tells us: “What comes up again and again in malpractice cases is that patients say they were rushed or ignored or treated poorly.” If physicians take even a few minutes of extra time to answer all questions and address all concerns, patients and their families will walk away feeling as though they had all the information, even if a bad outcome occurred. They will be much less likely to seek the counsel of an attorney. For a busy physician, it can feel as though there simply isn’t enough time to talk to patients, but from a risk management perspective, the importance cannot be stressed enough. It’s imperative to take the time to communicate every step of a patient’s care with them – to listen and answer their questions. Not only does this help to build trust, it can also minimize the risk of a lawsuit. Excellent communication is a “win-win.” Also, patients should be encouraged to speak up when something seems off or they have a question. Focusing on informed consent, teaching emotional intelligence, implementing structured communication during handoffs and scheduled follow-up are all part of improving communication.

#4 Look at contract management. Are there contracts in effect that should be cancelled or renegotiated? Are the contracts with current vendors and service partners up to date, including regulatory updates and requirements? Are contracted companies under special focus by the OIG? Do they carry regulatory liability and cyber liability in the event of a HIPAA violation or data breach? We often find contracts with hold harmless and indemnity language that leave one or the other parties with coverage gaps because what legal counsel has inserted in contracts hasn’t been communicated to the organization’s insurance broker. It’s equally important to look at how the contract language compares to what happens in actual practice. Are there any discrepancies in the care or documentation?

#5 Seek the perspective of an outside, objective party. It can be extremely helpful to find a third party partner with experience and expertise that may not be available inside the organization. Risk management specialists with diverse skill sets and up-to-date industry knowledge can offer valuable insights and confidential advice. Consultants may also offer tools such as sample checklists, forms and policies and procedures as well as ongoing tips that will keep risk management and patient safety top of mind.

The key to a successful risk management plan is to be proactive. By focusing on the five areas outlined, healthcare organizations can thoroughly assess and prioritize weaknesses and then develop a systematic approach to reducing risk in each area. Finding the necessary resources, including industry experts, and carefully following a plan will go a long way in getting ahead of adverse events and preventing lawsuits.

Here’s a link to a related article in Healthcare Risk Management Review, where both Michelle and I are quoted – it discusses common mistakes made by healthcare risk managers – like leaving money on the table – funds available (from insurers) for risk management consulting – that are often not utilized.